Credo di avere il pc zeppo di virus!

**Dave-Z** · 24-11-2004, 16:44

questo è il nuovo log con il sw che mi hai consigliato:

Logfile of HijackThis v1.98.2
Scan saved at 15.38.15, on 24/11/2004
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\dllmanager.exe
C:\WINDOWS\System32\spoolscv.exe
C:\WINDOWS\System32\klsuicbn.exe
C:\WINDOWS\System32\iexplore.exe
C:\WINDOWS\System32\mpsvc.exe
C:\WINDOWS\System32\wurguar.exe
C:\WINDOWS\System32\spoolcsv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\winfw.exe
C:\WINDOWS\System32\GSICON.EXE
C:\WINDOWS\System32\dslagent.exe
C:\WINDOWS\System32\winmplyer32.exe
C:\WINDOWS\System32\Yahoo.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\RealPlayer.exe
C:\WINDOWS\paint.exe
C:\WINDOWS\taskmsg.exe
C:\WINDOWS\System32\wvsvc.exe
C:\WINDOWS\System32\msass43.exe
C:\WINDOWS\iexplorer.exe
C:\WINDOWS\System32\wuamgrder.exe
C:\WINDOWS\System32\crsss.exe
C:\WINDOWS\System32\msnmsgrr.exe
C:\WINDOWS\System32\SystemStat.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Programmi\Messenger\msmsgs.exe
C:\Documents and Settings\Fuck xp!\Desktop\HijackThis1982.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Collegamenti
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [Quicktime Mediaplayer] winmplyer32.exe
O4 - HKLM\..\Run: [Yahoo Update] Yahoo.exe
O4 - HKLM\..\Run: [dlite] dllmanager.exe
O4 - HKLM\..\Run: [ALTER DATA] c:\windows\system32\ccdew\repcale.exe c:\windows\system32\ccdew\beird.exe
O4 - HKLM\..\Run: [WinAC v4] klsuicbn.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [RealPlayer] RealPlayer.exe
O4 - HKLM\..\Run: [nternet Explorer] iexplore.exe
O4 - HKLM\..\Run: [winlogin.exe] C:\WINDOWS\paint.exe
O4 - HKLM\..\Run: [taskmgr.exe] C:\WINDOWS\taskmsg.exe
O4 - HKLM\..\Run: [MP Services] mpsvc.exe
O4 - HKLM\..\Run: [Starting up] wvsvc.exe
O4 - HKLM\..\Run: [Windows Media Player] msass43.exe
O4 - HKLM\..\Run: [Microsoft Windows Securety] wurguar.exe
O4 - HKLM\..\Run: [notepad.exe] C:\WINDOWS\iexplorer.exe
O4 - HKLM\..\Run: [Win32s USB Drivers] spoolcsv.exe
O4 - HKLM\..\Run: [Windows Automatic Update] wuamgrder.exe
O4 - HKLM\..\Run: [Windows media service] crsss.exe
O4 - HKLM\..\Run: [PK Services] pksvc.exe
O4 - HKLM\..\Run: [blah service] msnmsgrr.exe
O4 - HKLM\..\Run: [Win32 Firewall Driver] winfw.exe
O4 - HKLM\..\Run: [System Stats] SystemStat.exe
O4 - HKLM\..\Run: [Win32 USB32 Driver] spoolscv.exe
O4 - HKLM\..\RunServices: [Quicktime Mediaplayer] winmplyer32.exe
O4 - HKLM\..\RunServices: [Yahoo Update] Yahoo.exe
O4 - HKLM\..\RunServices: [dlite] dllmanager.exe
O4 - HKLM\..\RunServices: [ALTER DATA] c:\windows\system32\ccdew\repcale.exe c:\windows\system32\ccdew\beird.exe
O4 - HKLM\..\RunServices: [WinAC v4] klsuicbn.exe
O4 - HKLM\..\RunServices: [RealPlayer] RealPlayer.exe
O4 - HKLM\..\RunServices: [nternet Explorer] iexplore.exe
O4 - HKLM\..\RunServices: [MP Services] mpsvc.exe
O4 - HKLM\..\RunServices: [Starting up] wvsvc.exe
O4 - HKLM\..\RunServices: [Windows Media Player] msass43.exe
O4 - HKLM\..\RunServices: [Microsoft Windows Securety] wurguar.exe
O4 - HKLM\..\RunServices: [Win32s USB Drivers] spoolcsv.exe
O4 - HKLM\..\RunServices: [Windows Automatic Update] wuamgrder.exe
O4 - HKLM\..\RunServices: [Windows media service] crsss.exe
O4 - HKLM\..\RunServices: [PK Services] pksvc.exe
O4 - HKLM\..\RunServices: [blah service] msnmsgrr.exe
O4 - HKLM\..\RunServices: [Win32 Firewall Driver] winfw.exe
O4 - HKLM\..\RunServices: [System Stats] SystemStat.exe
O4 - HKLM\..\RunServices: [Win32 USB32 Driver] spoolscv.exe
O4 - HKLM\..\RunOnce: [dlite] dllmanager.exe
O4 - HKLM\..\RunOnce: [Win32 USB32 Driver] spoolscv.exe
O4 - HKLM\..\RunOnce: [WinAC v4] klsuicbn.exe
O4 - HKLM\..\RunOnce: [nternet Explorer] iexplore.exe
O4 - HKLM\..\RunOnce: [MP Services] mpsvc.exe
O4 - HKLM\..\RunOnce: [Microsoft Windows Securety] wurguar.exe
O4 - HKLM\..\RunOnce: [Win32s USB Drivers] spoolcsv.exe
O4 - HKLM\..\RunOnce: [Win32 Firewall Driver] winfw.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programmi\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [dlite] dllmanager.exe
O4 - HKCU\..\Run: [Yahoo Update] Yahoo.exe
O4 - HKCU\..\Run: [Win32 USB32 Driver] spoolscv.exe
O4 - HKCU\..\Run: [ALTER DATA] c:\windows\system32\ccdew\repcale.exe c:\windows\system32\ccdew\beird.exe
O4 - HKCU\..\Run: [WinAC v4] klsuicbn.exe
O4 - HKCU\..\Run: [RealPlayer] RealPlayer.exe
O4 - HKCU\..\Run: [nternet Explorer] iexplore.exe
O4 - HKCU\..\Run: [MP Services] mpsvc.exe
O4 - HKCU\..\Run: [Microsoft Windows Securety] wurguar.exe
O4 - HKCU\..\Run: [Win32s USB Drivers] spoolcsv.exe
O4 - HKCU\..\Run: [Win32 Firewall Driver] winfw.exe
O4 - HKCU\..\Run: [Windows Media Player] msass43.exe
O4 - HKCU\..\Run: [Starting up] wvsvc.exe
O4 - HKCU\..\Run: [System Stats] SystemStat.exe
O4 - HKCU\..\RunServices: [ALTER DATA] c:\windows\system32\ccdew\repcale.exe c:\windows\system32\ccdew\beird.exe
O4 - HKCU\..\RunOnce: [WinAC v4] klsuicbn.exe
O4 - HKCU\..\RunOnce: [nternet Explorer] iexplore.exe
O4 - HKCU\..\RunOnce: [MP Services] mpsvc.exe
O4 - HKCU\..\RunOnce: [Microsoft Windows Securety] wurguar.exe
O4 - HKCU\..\RunOnce: [Win32s USB Drivers] spoolcsv.exe
O4 - HKCU\..\RunOnce: [Win32 Firewall Driver] winfw.exe
O4 - HKCU\..\RunOnce: [Win32 USB32 Driver] spoolscv.exe
O4 - HKCU\..\RunOnce: [dlite] dllmanager.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/S...in/AvSniff.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.co...?1101134429777
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) - http://a840.g.akamai.net/7/840/537/2...ll/xscan53.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

ps. le cosse sono un attimino migliorate dopo lo scan di panda, ma non molto

Discussione: Credo di avere il pc zeppo di virus!

Strumenti discussione

Ricerca discussione

Visualizza

Visualizzazione discussione

Permessi di invio